Undervalued: The Business Benefits of Cybersecurity

At what point does cybersecurity become a core component of the fundamental business? Cyber is a business driver that deserves optimization.

Our societal attachment to technology and the never-ending state of connectivity between work and personal lives is creating a faster, smarter, emerging market filled with data and vulnerabilities. Business leaders and consumers widely agree on the prospects and capacities surrounding emerging technologies—phones, tablets, mobile apps, wearables, home appliances, vehicle sensors, etc.

However, the notion and value of properly securing these devices varies greatly between organizations and the consumers they serve. A new survey from KPMG titled “Consumer Loss Barometer” explores the emergence of cybersecurity as a business, not just an isolated IT problem. The report examines how more than 400 corporate executives and nearly 800 consumers perceive the role, risks, and rewards of cybersecurity.

One of the most eye-opening findings revealed in the survey shows 81 percent of executives admitting their companies have been compromised by cybersecurity in the past 24 months. Although cybersecurity is continually recognized as a risk and a threat, nearly half (49 percent) of executives polled indicate they have not invested in information security in the past year.

Some businesses race to market lacking proper security measures in order to position themselves as leaders. Others ignore or simply don’t understand the wide-ranging ramifications of releasing a vulnerable product. Conversely, without a cooperative and urgent approach to security, privacy, and trust going forward, companies face threats of hacks, abuse, exploitation of private data, and a risk-laden future.

Recent connected vehicle hacks, financial pilfering, and a laundry list of other breaches have proved just how vulnerable technology is. To remain competitive and secure, Greg Bell, U.S. leader, KPMG Cyber, says organizations should take an orbital view of cybersecurity and examine both the risks and rewards: “It's not about risk avoidance. It's about what risks a business can take to allow them to be agile, reactive and move fast to market. We need businesses to find that right tipping point between the risk and reward that is right for the company.”

Bell says organizations can create newfound opportunities by using cyber as a true business driver: “In too many industries, information security is still seen as a technology risk to be minimized instead of a business issue to be optimized.” When cyber is strategically looked at and aligned to the business, crucial consumer desires can be realized and monetized—branding, loyalty, sales, constancy, overall customer relationships, and business agility can all be generated from cyber.

In today’s age of competitive offerings and choice, consumers do not possess the same brand loyalty they once did. Consumers value companies that prioritize safeguarding personal information—financials, health records, and social practices. One breach, a single mishandling of consumer data, or a lone vulnerability can be the tipping point for consumers to switch brands, products, and services. Some consumers have zero tolerance for a hack against a company. Even if the company fixes the problem, negative consumer sentiment may be so fully entrenched that perception is forever skewed.

This is especially evident in the automotive industry. The KPMG survey indicated 8 in 10 consumers would be wary of or never buy from an automaker if that brand experienced a car hack. Consumer loss, reputation loss, data loss, financial loss, increased regulation, and job loss are all aftershocks of a hack. Conversely, only 32 percent of automotive companies invested capital funds into information security in the past year.

Gary Silberg, Americas head of automotive, KPMG LLP, says cars and trucks have evolved into highly complex computers on wheels: “Unlike most consumer products, a vehicle breach can be life-threatening, especially if the vehicle is driving at highway speeds and a hacker gains control of the car. That is a very scary but possible scenario, and it’s easy to see why consumers are so sensitive about cybersecurity as it relates to their cars. Addressing cybersecurity concerns is a critical priority for automakers and one they cannot afford to get wrong.”

Money alone will not solve the problem. Cyber investment needs to be carefully thought out, as technology is not a cure-all elixir. Some companies spend lots of money on technology but little on talent to monitor and calibrate the technology in real-time to meet the changing needs of security. Cyber needs to be baked into any company initiative, product, or service development.

Data from the survey shows cybersecurity can be influential in producing more brand loyalty. Consumers see value in companies providing more transparency and communication to assure cybersecurity protections are ongoing and present. When organizations invest and align cybersecurity as a business priority, they can create advantageous positioning as trusted leaders and providers. Reputation and trust are precious attributes consumers seek, appreciate, and act on.

Intelligent and strategic implementation, collaboration, and investment can pave the way for a harmonic cyber ecosystem that adheres to policies and standards—solidifying the safe advancement of some of the most influential emerging technologies of our time. Innovative and proactive approaches to protecting valuable data and devices can go a long way to not only appeasing consumers but also simultaneously offering companies’ new value beyond their products and services.

Nearly a third of CEOs in KPMG’s latest global survey identified cyber security as the issue having the biggest impact on their companies today—and only half (49 percent) say they are fully prepared for a cyber event.